Hyland Perceptive Document Filters Multiple Remote Code Execution Vulnerabilities

Bugtraq ID:	104023
Class:	Unknown
CVE:	CVE-2018-3855 CVE-2018-3844 CVE-2018-3851 CVE-2018-3845
Remote:	Yes
Local:	No
Published:	Apr 26 2018 12:00AM
Updated:	Apr 26 2018 12:00AM
Credit:	Marcin 'Icewall' Noga of Cisco Talos.
Vulnerable:	Hyland Perceptive Document Filters 11.4.0.2647
Not Vulnerable:

Hyland Perceptive Document Filters Multiple Remote Code Execution Vulnerabilities

Hyland Perceptive Document Filters is prone to multiple remote code-execution vulnerabilities.

An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Hyland Perceptive Document Filters Multiple Remote Code Execution Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Hyland Perceptive Document Filters Multiple Remote Code Execution Vulnerabilities

References:

• Hyland Home Page (Hyland)
  
• Hyland Perceptive Document Filters DOC to HTML updateNumbering Code Execution Vu (Cisco Talos)
  
• Hyland Perceptive Document Filters DOCX to HTML Code Execution Vulnerability (Cisco Talos)
  
• Hyland Perceptive Document Filters Microsoft Word CDATA Code Execution Vulnerabi (Cisco Talos)
  
• Hyland Perceptive Document Filters OpenDocument to JPEG conversion SkCanvas Code (Cisco Talos)